• 4am
    link
    fedilink
    English
    arrow-up
    8
    ·
    11 months ago

    That’s why stuff like webauthn is better; if we’re going to maintain a list of garbled text, let’s make it secure one-way encrypted keys instead, which are way stronger.

    You’re still only as secure as your password manager, but no one’s gonna decrypt your private key from a stolen database of public keys unless some really monumental exploit is discovered - and if that happens we’ve got MUCH bigger problems.